]> git-server-git.apps.pok.os.sepia.ceph.com Git - ceph-ci.git/commitdiff
projects / ceph-ci.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: bf453f0)
selinux: allow ceph_t amqp_port_t:tcp_socket
authorkalebskeithley <kaleb@redhat.com>
Wed, 8 Jul 2020 19:20:30 +0000 (15:20 -0400)
committerGitHub <noreply@github.com>
Wed, 8 Jul 2020 19:20:30 +0000 (15:20 -0400)
allow ceph_t amqp_port_t:tcp_socket name_connect;
allow ceph_t soundd_port_t:tcp_socket name_connect;

Required for running RabbitMQ

(soundd_port_t) for running RabbitMQ on port 8000

Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1854083
Signed-off-by: Kaleb S. KEITHLEY <kkeithle@redhat.com>
selinux/ceph.te patch | blob | history

diff --git a/selinux/ceph.te b/selinux/ceph.te
index c706c0c29910a541671143486d5eddbcab5e021a..2e710e1b1d40d60c30fee41bb58da668b07dc9ee 100644 (file)
--- a/selinux/ceph.te
+++ b/selinux/ceph.te
@@ -88,6 +88,8 @@ corenet_tcp_sendrecv_cyphesis_port(ceph_t)
 
 allow ceph_t commplex_main_port_t:tcp_socket name_connect;
 allow ceph_t http_cache_port_t:tcp_socket name_connect;
+allow ceph_t amqp_port_t:tcp_socket name_connect;
+allow ceph_t soundd_port_t:tcp_socket name_connect;
 
 corecmd_exec_bin(ceph_t)
 corecmd_exec_shell(ceph_t)
Unnamed repository; edit this file 'description' to name the repository.